Tiller Is Deployed
| Property | |
|---|---|
| Language | |
| Severity | |
| Vulnerability Type | misconfiguration |
Description
The deployment includes Helm Tiller, a component from Helm v2 that runs with elevated privileges and exposes an unauthenticated gRPC endpoint, making the cluster management plane vulnerable to remote access and manipulation.
Impact
If exploited, attackers could gain full control over Kubernetes resources by sending commands to Tiller, potentially leading to privilege escalation, unauthorized deployments or deletions, and compromise of the entire cluster.
Resolution
Migrate to Helm v3, which no longer has the Tiller component.
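To confirm that no Tiller workload is left in a cluster, the following added example (not part of the original rule page) scans the output of `kubectl get deploy,pods -A -o json` for Pods and template-based workloads that look like Tiller. The markers it matches (labels `app=helm,name=tiller`, an image named `tiller`, container port 44134) are the defaults of a stock Helm v2 install and are assumptions here, as are the function names and the sample data.

```python
import json

# Default Helm v2 install markers (assumed; customised installs may differ).
TILLER_LABELS = {"app": "helm", "name": "tiller"}
TILLER_PORT = 44134  # Tiller's default gRPC port

def tiller_reasons(obj):
    """Return the reasons a Pod or workload looks like Tiller ([] if none)."""
    spec, meta = obj.get("spec", {}), obj.get("metadata", {})
    if obj.get("kind") != "Pod":  # Deployments etc. wrap the pod in a template
        tmpl = spec.get("template", {})
        spec, meta = tmpl.get("spec", {}), tmpl.get("metadata", {})
    labels = meta.get("labels") or {}
    reasons = []
    if all(labels.get(k) == v for k, v in TILLER_LABELS.items()):
        reasons.append("labels app=helm,name=tiller")
    for c in spec.get("containers", []):
        # Strip digest, registry path and tag to get the bare image name.
        name = c.get("image", "").split("@")[0].rsplit("/", 1)[-1].split(":")[0]
        if name == "tiller":
            reasons.append("image " + c["image"])
        if TILLER_PORT in [p.get("containerPort") for p in c.get("ports", [])]:
            reasons.append("container port %d" % TILLER_PORT)
    return reasons

def find_tiller(doc):
    """Scan `kubectl get ... -o json` output (a List or one object)."""
    items = doc["items"] if "items" in doc else [doc]
    findings = []
    for obj in items:
        reasons = tiller_reasons(obj)
        if reasons:
            m = obj.get("metadata", {})
            findings.append((m.get("namespace"), obj.get("kind"), m.get("name"), reasons))
    return findings

# Constructed sample, not output from a real cluster.
SAMPLE = json.loads("""{"kind": "List", "items": [
 {"kind": "Deployment", "metadata": {"name": "tiller-deploy", "namespace": "kube-system"},
  "spec": {"template": {"metadata": {"labels": {"app": "helm", "name": "tiller"}},
   "spec": {"containers": [{"image": "gcr.io/kubernetes-helm/tiller:v2-example",
                            "ports": [{"containerPort": 44134}]}]}}}},
 {"kind": "Deployment", "metadata": {"name": "web", "namespace": "default"},
  "spec": {"template": {"metadata": {"labels": {"app": "web"}},
   "spec": {"containers": [{"image": "nginx:stable"}]}}}}]}""")

if __name__ == "__main__":
    print(find_tiller(SAMPLE))
```

An empty result means none of the default markers were found; a Tiller install with a renamed image, custom labels and a non-default port would need additional checks.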